Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
5.5AI Score
0.02EPSS
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
6.3AI Score
0.013EPSS
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.
5.7AI Score
0.003EPSS
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
6.6AI Score
0.002EPSS
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
6.1AI Score
0.006EPSS